Description of problem: Any iptables.txt doesn't gathered with must-gather. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.Create a VM and make sure it's running 2.run must-gather command oc adm must-gather --image=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator@sha256:7f80c464361e1acb656abebdac9cc48562416d8e72a0c2394f188972f1150a32:v4.12 -- /usr/bin/gather 3.Navigate to the folder it opens and search for iptables.txt find . -name "iptables.txt" Actual results: The output doesn't contain any iptables.txt Expected results: iptables output files named iptables.txt exist in the output directory. Additional info: Also Tried on 4.13 cluster with the same result.
> registry-proxy.engineering.redhat.com/rh-osbs/container-native-virtualization-cnv-must-gather-rhel8:v4.8.0 please use the right must-gather version matching CNV version.
Tried with the correct image for 4.12 and 4.13 with the same result
It got renamed from ${ocvm}.iptables.txt to ${ocvm}.ruletables.txt with: https://github.com/kubevirt/must-gather/pull/115 Or, should we prefer ruletables.txt over iptables.txt and amend the test?
Yes please, because iptables is deprecated, main way is nftables iptables is just a fallback hence the rename Thanks
OK, closing as WONTFIX as for the last comment. Ohad, please adapt the test to the new expected filename.
well we did fix it by collecting nft when the binary exists, and collecting iptables otherwise (the PR you posted) however the test should be adapted indeed please
@oshoval This test was modified based on the changes you mentioned. We now look for a file with name as *ruletables.txt in the gathered data. In this file we expect sections: 1)table ip filter 2)table ip nat Lately we are not finding those sections in the file intermittently, hence the bug was logged. Was there any recent changes in this area? Are these headers still expected in the file?
Hi In case nftables exists it wont print those two, but just the output of "nft list ruleset" (we moved to nftables, so it is logical newer versions have the nft binary) https://github.com/kubevirt/must-gather/pull/115/files#diff-a37e8e9a44092d71604b65f352bcb0a294fe0255d2854fc93d21efc92ee5ba41R81 otherwise it will print the legacy output of "iptables -t filter -L" and "iptables -t nat -L" (in both cases the output is at *ruletables.txt)
We are seeing this on 4.12.3, 4.11.z as well as 4.13.0.
This might be a duplicate of 2214454, while I still see this in 4.12.z, I am not hitting this in 4.13.1 anymore.
*** This bug has been marked as a duplicate of bug 2214454 ***
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days